Calling an API

Most of you will be using MSAL to get an access token in order to call an API. You may be calling a Microsoft API, like Microsoft Graph or be calling an API that you and/or your organization published and are protecting with Azure Active Directory.

In either case there are some basic things that you'll need to know in order to make your request. The most important of which are the names of the scopes that your client application needs in order to enable corresponding features in your application.

Scope is the term used in the OAuth protocol, but the term permission is often used interchangeably within the Microsoft documentation. Scope refers to the scope of the authorization (permission) being requested by and/or granted to an application.

For Microsoft Graph the list of scopes (permissions) associated with it are published here: https://developer.microsoft.com/en-us/graph/docs/concepts/permissions_reference

If you need to request a scope for an API that your organization published you can refer to the documentation provided by your API developer or can view the application registration associated with the API in either apps.dev.microsoft.com or in the Azure Portal.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Calling an API

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Getting started with MSAL

Help and Contributing

Migrating

News

Other resources

Clone this wiki locally